针对ECDSA证书的openssl“无共享密码”(RSA可以正常工作)

时间:2018-07-13 21:37:33

标签: openssl certificate ecdsa

当我尝试使用openssl测试ecdsa证书时,显示“未找到密码套件”。但是,RSA可以正常工作,我在生产测试(AWS IoT)中实际使用了另一个ECDSA证书,并且可以正常工作。我不知道为什么openssl不满意???我有两个会话的终端输出,包括我的证书和密钥pem输出(一台客户端和一台服务器在同一台PC上运行)。任何想法可能有什么问题吗???

////////服务器终端//////////////////////// 

$ openssl.exe version
OpenSSL 1.0.2o  27 Mar 2018

$  openssl.exe s_server -key test.key -cert test.crt -verify 0 -accept 443 -WWW verify depth is 0
Using default temp DH parameters
ACCEPT
4294956672:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:s3_srvr.c:1427:
ACCEPT

/////// Same system in a second terminal ////////

$ openssl s_client -connect 127.0.0.1:443 -CAfile test.crt
CONNECTED(00000003)
4294956672:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:802:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 308 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1531517108
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---


$ cat test.crt
-----BEGIN CERTIFICATE-----
MIIBzzCCAXagAwIBAgIJAMuakp0UdYoZMAoGCCqGSM49BAMCMDsxCzAJBgNVBAYT
AlVTMQwwCgYDVQQKDANPUkcxDDAKBgNVBAsMA0FGRzEQMA4GA1UEAwwHUm9vdCBD
QTAeFw0xODA3MTMyMTI0MzBaFw0xODA4MTIyMTI0MzBaMDsxCzAJBgNVBAYTAlVT
MQwwCgYDVQQKDANPUkcxDDAKBgNVBAsMA0FGRzEQMA4GA1UEAwwHUm9vdCBDQTBZ
MBMGByqGSM49AgEGCCqGSM49AwEHA0IABFWTAwcN5r6TQEOToRDjES2hKoofyv/w
GFn8qXwQIeRORn2LinquUMH770vt2SejlJR93nyV/XmQVu3aCVxjMvOjYzBhMB0G
A1UdDgQWBBRcUCv8D7HBeEQ7N6jbRCmJFiU4DTAfBgNVHSMEGDAWgBRcUCv8D7HB
eEQ7N6jbRCmJFiU4DTASBgNVHRMBAf8ECDAGAQH/AgEBMAsGA1UdDwQEAwIBBjAK
BggqhkjOPQQDAgNHADBEAiA8tY8ebuAhWSfRGPnd8S0ukMdGULHPP0T7zTfOdnsb
TQIgad3ML+vIa0kt+cdRLKvci0/fGWcQCbTaqgO0chyuT2g=
-----END CERTIFICATE-----

$ cat test.key
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIMtuI/yMncCnlYB/7ev8NaUWR0WYeeuIX35QVjHtA2vaoAoGCCqGSM49
AwEHoUQDQgAEVZMDBw3mvpNAQ5OhEOMRLaEqih/K//AYWfypfBAh5E5GfYuKeq5Q
wfvvS+3ZJ6OUlH3efJX9eZBW7doJXGMy8w==
-----END EC PRIVATE KEY-----

0 个答案:

没有答案
相关问题
最新问题